On Mar 12, 2007, at 6:39 AM, Richard wrote:

> wow thanks for your quick replys !!!
> I have added this to my proftpd.conf :
> UseReverseDNS off
> IdentLookups off

> This has made proftp very fast, however is this safe? The server
> will be soon used for hosting sites and I want it to be as secure
> as possible.
> What do these two commands do? Should I remove the "UseReverseDNS off"
> and just leave the "IdentLookups off" command ? Or is there no
> security problem leaving them both off?

Leaving both of the off is safe in my opinion. Ident really isn't
used anymore, and in places where it is used it is normally
firewalled off. Reverse dns just makes the logs look prettier in
most cases, but in most cases if you do not have a need for the PTR
record in the logs, then it is better turned off. If you use a
program to summarize your logs, it will normally have the ability to
do the lookups for you (and generally has a much better caching)


Patrick Muldoon
Network/Software Engineer
INOC (http://www.inoc.net)
PGPKEY (http://www.inoc.net/~doon)
Key ID: 0x370D752C

/* Don't meddle in the affairs of sysadmins,
* for they are subtle and quick to anger.

Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
ProFTPD Users List
Unsubscribe problems?